Modern operating systems allow for individual applications to execute in a sandbox. A sandbox is a security mechanism for separating running applications. A sandbox typically provides a tightly controlled set of resources for the application executing in the sandbox, such as portions of disk space and memory that are inaccessible to applications executing outside of the sandbox. Other resources, such as network access, the ability to make system calls, the ability to inspect the host system, read from input devices, or write to the filesystem, are often disallowed or heavily restricted. Accordingly, a malicious application executing in a sandbox is often unable to compromise the host system or interfere with the execution of other applications by the host system.
As a result, a sandboxed application is often unable to communicate or directly share information with another application executing outside of the sandbox. For example, a sandboxed application can be prevented from sending a message or request to another sandboxed application using traditional approaches for interprocess communications (e.g. signals, sockets, pipes or named pipes, message queues, shared memory, memory-mapped files, files on disk, or similar approaches). Moreover, an application executing in the sandbox can be unaware of the existence of applications outside of the sandbox. As a result, multiple applications installed on a client device that communicate with a common server backend can be viewed as separate client devices or duplicate client devices by the server backend.